News from
ISAC
By
Noel Laam
|
|
|
Information Services Advisory
Committee (ISAC) is a committee that advises the Senate on
matters concerning the policy and development of the Information
Services Group. The following are a list of issues reviewed
and reported in the ISAC. |
Outsourcing of Dial-up Facility
To meet the rapidly growing demand
for dial-up facility, a modem pool of a total of 800 dial-up lines
including 96 for staff, 100 for express lines and 604 for students
was recommended. The ISAC decided that priority should be given
to improving on-campus Internet access rather than off-campus,
and agreed to outsource the entire modem pool to a carrier provider
and increase the total number of dial-up lines as recommended.
Network Connection for RAs and Students in Dormitory
A network connection charge is levied
for each computer connected to the campus network. During CSC's
annual visit to departments, some departments raised concern on
how to establish the budget to pay for the network connection
charges of the increasing research machines, the amount of which
was not catered for in their original research budget proposals.
Furthermore, as the existing student hostels (as well as future
ones) and staff quarters in To Yuen Street have all direct connections
to the campus network, the responsibility for payment of the network
connection charges of student hostels and staff quarters would
have to be decided. The ISAC resolved that the University should
cover the network connection charges in the student hostels and
staff quarters, while individual research projects should pay
the network connection charge as a matter of policy. It was also
resolved that staff members should be advised to make provision
for the network connection charge in their research budget proposals,
and the CSC should implement the policy for new research projects
and stop the connection if necessary. Otherwise, it would be unfair
to those who pay.
Network Connection/Service for External Users
Some departments have already installed,
or are considering to install, external communication link while
some have allocated computer accounts on departmental machines
in order to allow external parties convenient and direct access
to certain departmental services and/or facilities. Though departments
may find such external access desirable, it inevitably gives rise
to issues such as security risk, additional network bandwidth
for the Internet, heavier backbone and departmental traffic and
extra effort for network management. It was resolved in the ISAC
that the following guidelines be observed by departments for offering
remote access services to external parties:
i) To register with CSC well in advance
on all external access to departmental services/facilities that
are not physically disjointed from the campus network. This information
is useful for capacity planning; troubleshooting; and auditing
of network security, performance, and access related problems.
ii) To inform external users on policies
relating to password protection, virus protection, software licensing,
security, acceptable use policies of the central and departmental
network currently in effect, data privacy, etc. in order to minimise
potential threats to our network users.
iii) To ensure that proper system/network
security measures are timely implemented and central and departmental
policies are enforced by departmental system/network administrators
at all times so that departmental services or facilities will
not be used as a stepping stone to attack other machines on and
off the campus network.
Phasing out of Outdated Facilities
It was reported that the following
applications and systems have already been phased out due to obsolescence
or y2k compliance.
SPSS 4.1 and Lisrel 7 for Open VMS
Oracle 7.1.4 on UNIX servers
DOS/Windows 3.11
SunOS service
Pathworks Mail and DECNET
Report on Wireless LAN Pilot Scheme
The Wireless LAN (WLAN) pilot scheme
was carried out during Semester B 1998/99 (mainly from March to
May) to test the effectiveness of the set up and to look into
various issues related to the use of this new technology in teaching
and learning environment. Altogether 21 lecturers from 13 departments/divisions
and 3 tutorial workshops from 3 different departments were participating
in this scheme using 22 classrooms. Loan pools of notebook computers
and WLAN antennas were set up to facilitate the implementation.
The WLAN pilot scheme was a success
and well received by staff and students. Most of them found the
WLAN reliable, convenient, flexible and fast.
Report on Hacking of Computers
About a dozen complaints relating
to computer hacking were received around mid 1999, half of them
complaining our users trying to hack some remote sites, and the
other half about remote sites trying to hack our machines. From
the network monitoring log, the number of hacking attempts far
exceeded what had been actually reported. Most of the alleged
hackers were using software like NetBus or Black Orifice to gain
access to and subsequently cause damage to the target machines.
Since the culprits could either fake the IP addresses or assume
victims' identities, it was therefore difficult to determine who
the victims and culprits were.
Counter measures such as employing
software to block and report these illegal break-in attempts,
or configuring routers to filter out traffic from specific IP
ports which the servers of NetBus etc. listened on were taken.
Security alerts were also issued from time to time to remind users
to install all necessary security patches, to properly protect
their passwords, and to contact the CSC for help if necessary.
Report on Screening of Internet Access
It was noted that some undesirable
content (eg. sex, obscene materials, violence, etc.) on the Internet
delivered in the form of Web pages, newsgroup messages etc. were
easily accessed by students. Since the reading of such contents
in public area would cause inconvenience and embarrassement to
other students, and would certainly damage the image of the University,
it was decided that all those computers that could be reached
in public areas, such as the Express Terminals and those in the
CSC Student Terminal Area, would be barred from accessing such
contents.